General
Target: 8a5afac0fe0a5f6c4f3c4b2334690324767a03a9e1d8b770bb34038144730a3e
Size: 390KB
Sample: 230718-wkgm1adg5t
MD5: f57753ddd286ffc062427b2ccabd95e0
SHA1: 5fc871d1136f599429d291100d11a1c725dc3d92
SHA256: 8a5afac0fe0a5f6c4f3c4b2334690324767a03a9e1d8b770bb34038144730a3e
SHA512: b1cf8c221f35ec7a26ac96a2a2d96490dc132f6b90ed30c4d74d5d89d0e6f628689fef3a51b835c845021d50c45c0af0470cd47768fdc61a94f3a550530def74
SSDEEP: 12288:/Mray90Ys6TwJElJS3B+S1RS0cHnl9BSiR8hQ:Nyg6TNZESbHlN
Static task: static1
Behavioral task: behavioral1
Sample: 8a5afac0fe0a5f6c4f3c4b2334690324767a03a9e1d8b770bb34038144730a3e.exe
Resource: win10-20230703-en
Malware Config
Extracted
amadey
3.85
77.91.68.3/home/love/index.php
Extracted
redline
roma
77.91.68.56:19071
auth_value: f099c2cf92834dbc554a94e1456cf576
Targets
Detects Healer, an antivirus disabler dropper
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application